Пример #1
0
        private static byte *GetFirstTestEaxEaxAddress(byte *p)
        {
            Ldasm ldasm;

            ldasm = new Ldasm();
            while (true)
            {
                if (*p == 0x85 && *(p + 1) == 0xC0)
                {
                    return(p);
                }
                else
                {
                    p += ldasm.Disassemble(p, !RuntimeEnvironment.Is32Bit);
                }
            }
        }
Пример #2
0
        private static byte *GetFirstCallAddress(string functionName, string callTargetName)
        {
            Ldasm ldasm;
            byte *p;
            void *pTarget;

            ldasm   = new Ldasm();
            p       = GetFunctionAddress(functionName);
            pTarget = GetFunctionAddress(callTargetName);
            while (true)
            {
                if (*p == 0xE8 && p + *(int *)(p + 1) + 5 == pTarget)
                {
                    return(p);
                }
                else
                {
                    p += ldasm.Disassemble(p, !RuntimeEnvironment.Is32Bit);
                }
            }
        }